|Home » Resources » Software » Reviews
TerminateProcess & TerminateThread: The Blacklist
The following corporations are known to use TerminateProcess and TerminateThread in their software.
TerminateProcess and TerminateThread are not meant to be used in 'Release' applications. They are reserved for debugging tools and exceptional applications such as process managers. Clearly they cause great damage to a system.
If you were wondering why you seemed to lose memory; why you seemed to lose system resources; why your system started behaving badly, after a time; why you suddenly crashed out of nowhere - well, maybe you don't have to look any further any more - maybe it wasn't the operating system at fault after all.
If you run across any other apps that use these malicious calls, write to us so that we can add them to this list.
||CoffeeCup HTML Editor++, CoffeeCup Direct FTP, CoffeeCup Image Mapper++, CoffeeCup HTML Express, CoffeeCup StyleSheet Maker++, assorted Java applets
||Copernic, Copernic Plus ('It won't cause any dammage (sic) to your computer.')
||Diskeeper, Diskeeper Lite, Undelete for Windows NT
||DemoShield, InstallFromTheWeb, InstallShield Express, InstallShield for Windows CE, InstallShield International, InstallShield Professional, PackageForTheWeb
||Animation Shop, Bookshelf, Illuminatus, Image Robot, Paint Shop Pro, Quick View Plus
||Access, Chat, Encarta, Excel, Finder, FindFast, FrontPage, GIF Animator, Internet Connection Wizard, Internet Explorer, Microsoft Money, Microsoft Works, MS Info, MSN Setup, MS Office format converters, MS Office runtime and spell checkers, NetMeeting, NetShow, OLE DB Provider for Jet, Outlook, Outlook Express, Pinball, PowerPoint, Press Conference, Reference Library, SendFile, Visual Basic runtime - and almost everything in your system(32) directory
|Network Associates (Mcafee)
||2000 Toolbox, AutoUpdate, Doctor Solomon's Anti-Virus, Doctor Solomon's Anti-Virus Deluxe, Doctor Solomon's Virex, First Aid 2000, First Aid 2000 Platinum, GroupShield, Guard Dog, Management Console, NetShield, Nuts & Bolts, Nuts & Bolts Platinum, Office, Oil Change, PGP Desktop Security, PGP Personal Privacy, PGP Security Suite, Safe & Sound, Uninstaller, Uninstaller Deluxe, VirusScan, VirusScan Deluxe, VirusScan Platinum, WebShield
||32-bit Portable Runtime, Java Interpreter
|Niko Mak Computing
|O&O Software GmbH
||Opera (For an update on the tactics of the infamous Opera Mafia, click here.)
||Eudora, Eudora Pro, Now Utilities, OmniTRACS
If you find the TerminateProcess string in your application, look also for the string 'Visual C++ Runtime Library'. If this string occurs as often as the TerminateProcess string, the source of the call might be the Microsoft runtime itself (again operative words 'might be'). However, a vendor can easily clarify the matter by simply linking dynamically with the Microsoft runtime - something they should be doing anyway.
Linking statically - and thus producing the string mentioned - only wastes your precious disk space, and is most likely done only because the vendor has been too lazy to change the build settings for the application. (And who wants to pay good money for an application that is built so carelessly?)
Not only is the DLL version of the runtime safer in this regard, it is also thread-safe as well - something you must never trust the static runtime to be.
The reason the Microsoft runtime has the TerminateProcess call is to ensure that your system does not hang in a critical situation: a terminated process is infinitely better than a hung system. The call described in the Microsoft documentation as 'terminate with extreme prejudice' is only used as a last resort, and only when repeated attempts by the designated exit thread have failed, and is not a matter taken lightly.
ISVs on the other hand often use TerminateProcess (and especially TerminateThread) because they really don't have a clue about Win32 IPC and process and thread management and don't care to learn either.